CA2582315C - Method for updating a table of correspondence between a logical address and an identification number - Google Patents

Method for updating a table of correspondence between a logical address and an identification number Download PDF

Info

Publication number
CA2582315C
CA2582315C CA2582315A CA2582315A CA2582315C CA 2582315 C CA2582315 C CA 2582315C CA 2582315 A CA2582315 A CA 2582315A CA 2582315 A CA2582315 A CA 2582315A CA 2582315 C CA2582315 C CA 2582315C
Authority
CA
Canada
Prior art keywords
user unit
stb
logical address
identification number
unique identification
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CA2582315A
Other languages
French (fr)
Other versions
CA2582315A1 (en
Inventor
Philippe Stransky
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Nagravision SARL
Original Assignee
Nagravision SA
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Nagravision SA filed Critical Nagravision SA
Publication of CA2582315A1 publication Critical patent/CA2582315A1/en
Application granted granted Critical
Publication of CA2582315C publication Critical patent/CA2582315C/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/09Mapping addresses
    • H04L61/10Mapping addresses of different types
    • H04L61/103Mapping addresses of different types across network layers, e.g. resolution of network layer into physical layer addresses or address resolution protocol [ARP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/50Address allocation
    • H04L61/5076Update or notification mechanisms, e.g. DynDNS
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/321Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/40Network security protocols

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Small-Scale Networks (AREA)
  • Computer And Data Communications (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The invention relates to a method for updating a table of correspondence between a logical address (AD), which is associated with a user unit in a communications network, and a unique identification number (UA), which is associated with a user unit of a group of user units managed by a management center (CG), during which messages are exchanged between this management center and at least one specific user unit (STB*) of said group via the communications network, these messages being routed to specific user unit (STB*) while using the logical address (AD*) of said user unit in this network. The invention is characterized by comprising the following steps:
searching within the table of correspondence (TC) for the logical address (AD*) of the user unit in this communications network that corresponds to the unique identification number (UA*) of the specific user unit (STB*); sending messages to the user unit (STB*) having the relevant unique identification number (UA*), to the logical address (AD*) corresponding to this communications network; in the event of bad reception of messages, sending a request containing an identifier of said specific user unit (STB*), this request being sent to all or a portion of the user units (STB) belonging to said group; detecting a return message of a user unit (STB*) whose unique identification number (UA*) corresponds to the identifier contained in the request; determining the logical address (AD*) in the network used by the user unit (STB*) having transmitted the return message; verifying the logical address (AD) by establishing a communication between the management center and the user unit (STB*), and authenticating the specific user unit by management center; storing, in the table of correspondence (TC) of the management center, said logical address (AD*) of the user unit in the network associated with the unique identification number (UA*) of the user unit (STB*) having transmitted the return message.

Description

1 , METHOD FOR UPDATING A TABLE OF CORRESPONDENCE
BETWEEN A LOGICAL ADDRESS AND AN INDENTIFICATION
NUMBER

FIELD OF THE INVENTION

This invention relates to a method for updating a table of correspondence between a logical address associated to a user unit in a communication network and a unique identification number associated to this user unit of a group of user units.

The user unit allows in particular access to conditional access content lo or data, this data being transmitted by a network such as, for example, the Internet.

In the context of this invention, two types of sending are simultaneously used. Indeed, content such as for example Pay-TV events, is sent in broadcast mode to several user units, generally to a large number of units. This content is generally encrypted in such a way that a user not in possession of the required decrypting keys is not able to access the encrypted content. These keys are sent according to a second sending type, in messages individually addressed to each user unit, via a network of communication means in which each user has a logical address.

PRIOR ART

Conventionally, a user unit includes data processing means, which can be a computer, a decoder or another similar element and a security module responsible for the cryptographic operations associated to the access or processing of the data. As it is well known, this security module can be essentially achieved according to four distinct forms.
One of these is a microprocessor card, a chip card, or more generally an electronic module (taking the form of key, a badge,...). This type of module is generally removable and connectable to the decoder. The form with electric contacts is the most widely used, but a connection without contact for example of the type ISO 14443 is not excluded.

A known second form is that of an integrated circuit shell, generally placed definitively and irremovably in the decoder. An alternative is made up of a circuit mounted on a display base or connector such as a SIM module connector.

In a third form, the security module is integrated into an integrated circuit shell also having another function, for example in a descrambling io module of the decoder or the microprocessor of the decoder.

In a fourth embodiment, the security module is not produced in material form, but its function is implemented only in software form. Given that in the four cases, the function is identical although the security level differs, we can talk about a security module regardless of the way in is which its function is carried out or the form that this module may take.
The user unit includes a unique identification number that can be stored in the processing means of the data and/or in the security module.
Conventionally, several user units form a group that is managed by a management centre. In the scope of the present invention, the user 20 units and the management centre can communicate between each other by means of a communication network that can be in particular a global network such as the Internet. According to the configuration of the network, a management centre can have difficulties in initiating a communication with a user unit. Preferably, it is the user unit that 25 initiates the communication by sending a request to the management centre. This request can pass through several routing devices before reaching the management centre. At the moment in which the user unit starts the communication with the management centre, a communication channel between the management centre and the user unit is maintained open, so that communications can also be transmitted from the management centre towards the user unit.

A dynamic address is assigned to the user unit to allow communication with the management centre. This dynamic address is generally different for each communication session.

When a message must be sent back to the multimedia unit that has initiated the communication and transmitted the request, the management centre sends its message using the channel or dynamic io address that is maintained open during the session.

The patent N US 5,278,829 describes a process that allows a management centre to send messages to a user unit. More precisely, this patent describes a control process of physical addresses of a receiver host, generally a computer, inside a network. This network is made up of a host transmitter and several host receivers. Each host is identified by a physical address. These physical addresses are stored in the host transmitter and are associated to a temporary value such as the date of their last use.

When the transmitter must send a message to a receiver, it searches for the physical address of this receiver in its memory. If it finds said address, it determines if the stored date is older than a threshold value.
If this is not the case, the transmitter sends the message to the receiver.
If the date is older than the threshold value, the transmitter sends a first message to the receiver, using the stored physical address. It then waits for a receipt from the receiver. If it receives this receipt, the transmitter sends the content to the receiver. On the contrary, if it does not receive a receipt, it diffuses a message to all the receivers requesting the receipt for this message. If it receives a receipt, it can then store the new physical address of the receiver that has sent back the receipt.
The method described in this patent only works in the very particular cases in which a host receiver almost never changes its physical address. In fact, as a message is transmitted to a physical address stored in the host transmitter, if the physical addresses are modified for each activation, the possibilities of a message arriving at the correct user unit are practically null.

Moreover, as the physical addresses are generally re-assigned, it is possible for the management centre to send a message to a user unit other than the desired unit even when this user unit sends back a io receipt to the management centre to confirm the correct reception of the message.

In the conventional systems in which the physical addresses change and are re-assigned at each connection, the process described in US
patent 5,278,829 fails to work.

This process presents the drawback that the messages sent are very often unnecessary and occupy bandwidth which could be used in a much more suitable way. Moreover, the reception of the message by an undesired user unit can have consequences in terms of security.

Another process consists of starting a reinitialization step when the user unit no longer works. The aim of this process is to transmit the unique identification number to the management centre, by means of a communication network, using a specific address.

In this case, the subscriber must wait until the reinitialization is completed. This can last a relatively long time, normally several minutes, during which time the decrypting of the data is not possible.

Another problem with the methods of the prior art is known under the term "Address spoofing" or address usurpation. Using this process, a user unit can modify an identifier connected to the communication address in such a way that the management centre believes it is communicating with a specific user unit when in reality it is transmitting data to another unit.

AIMS OF THE INVENTION
5 This invention intends to withdraw the drawbacks of the processes of the prior art by carrying out a process that allows an automatic update of a table of correspondence between the logical addresses of the communication network and the unique identification number of the user units. This update is carried optimally since the search for the io addresses is only undertaken for addresses that have changed. The bandwidth is thus not unnecessarily occupied. It also aims to transmit quickly a content or data to a user unit, without any time loss for the user. Moreover, the update is carried out without the user momentarily losing access to the service.

This invention also aims to ensure that the management centre actually communicates with the user unit registered to the stored address. This has two functions. On one hand, it is used to prevent a message from being sent to a false address. On the other hand, it is used to prevent a user unit from fraudulently passing itself off as another user unit (address spoofing).

These aims are achieved by a method for updating a table of correspondence between a logical address (AD) associated to a user unit in a communication network and a unique identification number (UA) associated to a user unit of a group of user units managed by a management centre (CG), a method in which messages are exchanged between said management centre and at least one specific user unit (STB*) of said group by means of said communication network, these messages being forwarded to the specific user unit (STB*) using the logical address (AD*) of said user unit in said network, characterized in that it comprises the following steps:
- search in said table of correspondence (TC) for the logical address (AD*) of the user unit in said communication network corresponding to the unique identification number (UA*) of the specific user unit (STB*);
- sending of messages to the user unit (STB*) having the concerned unique identification number (UA*), to the logical address (AD*) corresponding to said communication network;
- in the case of incorrect reception of the messages, sending of a request containing an identifier of said specific user unit (STB*), this request being sent to all or a part of the user units (STB) forming said group;
- detection of a return message of a user unit (STB*) whose unique identification number (UA*) corresponds to said identifier contained in the request;
- determination of the logical address (AD*) in said network, used by the user unit (STB*) having transmitted the return message;
- verification of the logical address (AD) by establishing a communication between the management centre and the user unit (STB*) and authentication of the specific user unit by the management centre, - storage in the table of correspondence (TC) of the management centre of said logical address (AD*) of the user unit in said network, in connection with said unique identification number (UA*) of the user unit (STB*) having transmitted the return messages.

According to the method of the invention, the management centre automatically detects a change in the communication address associated to a specific user unit. This automatic detection is possible thanks to the use of a return message or a receipt. More particularly, the receipt can be made in different ways. According to a first way, a request is sent to a user unit by the management centre, using the logical address known by the management centre. If a message is returned to the management centre by the user unit, the logical address will be considered as correct. This very simple method operates only if the logical addresses that are no longer in service are not re-assigned to another user unit, as is generally the case in practice.

According to another method, when the management centre sends back to a user unit a response to a request originating from this unit, the io response contains the unique identification number of the user unit for which the response is intended. The user unit then verifies its own unique identification number and sends back a return message or receipt to the management centre indicating whether or not its identification number corresponds to that contained in the response.

According to a third method, the management centre asks the user unit to send its unique identification number. This is compared at the level of the management centre and not at the level of the user unit as in the previous case.

According to a fourth method, a true authentication of the user unit is carried out. For this, one of the possible authentication procedures consists in sending a message containing a number to the user unit that is to be authenticated, for example a random number generated by the management centre. This message is then received by the user unit and then encrypted with a key contained in this unit, in the decoder or in the security module. Any other form of mathematical modification using one unique variable per user unit can be used. This random encrypted number is sent back to the management centre. The management centre decrypts the message received by means of a key stored in the management centre and corresponding to the user unit that is the object of the search. The decrypted value is compared to the initial random number. If these are equal, the user unit is considered as authentic. If not, the user unit is considered as fraudulent and the messages addressed to this unit are not sent to it. These messages can in particular be rights or keys allowing access to the encrypted contents.
The keys used for authentication can of course be symmetrical or asymmetrical keys.

It should be noted that this detection step can be carried out without interrupting the access to data by the user, namely the user can io continue to use the service and for example visualize data during the detection.

When the logical address of a user unit has changed, the latter sends a request to the management centre, indicating the new logical address as well as the identification data connected to the user unit. This new address can be stored in the management centre after authentication.
During all these operations, the user is not prevented from using the service. This update is thus carried out in a totally transparent way for the user.

BRIEF DESCRIPTION OF THE DRAWINGS

2o This invention and its advantages will be better understood with reference to a preferred embodiment of the invention and to the enclosed drawings in which:
- Figure 1 represents the assembly system to which the process of the invention is applied; and - Figure 2 represents the steps of the process of the invention.
WAYS TO CARRY OUT THE INVENTION
With reference to the Figures, the process of the invention is carried out in an environment in which content or data such as, in particular, conditional access data is transmitted to user units STB. This data can in particular be content in the field of Pay-TV or data associated to services. The user units can be a decoder or a computer for example, containing a security module. The data is transmitted by a data supplier and is diffused by a diffusion centre to the majority or of all the user units. On the contrary, the access rights are distributed in point-to-point form only to authorized users. These access rights are processed by a io management centre CG. The diffusion centre and the management centre can be two distinct entities or alternatively the same entity. The data is transmitted to user units by means of a line in a communication network RC such as for example the Internet network. A physical communication address corresponds to this line. More particularly, the 1s physical communication address can be made up of a chain of physical addresses and communication ports that correspond to physical addresses of devices used between the management centre and a specific user unit.

The user units STB managed by one management centre CG are part 20 of a group of user units. Each unit has a unique identification number UA that is generally stored in a security module associated to a decoder, the decoder and the security module forming this user unit. It should be noted that this identification number UA is in a format belonging to the management centre. This means that it has no 25 meaning at the level of the communication network between the management centre and the decoders.

Each user unit is associated to a logical address AD of the communication network. This logical address is that which is used by the management centre to transmit a message to a specific user unit.
3o This logical address is made up of a static IP address, a MAC address or of an alphanumeric character sequence which can constitute a name, for example. A logical address could be, for example, "decodeur.nagra.com". The logical address is generally stored in the decoder.

5 The connection between the physical variable address and the fixed logical address is established in a known way by means of a server known under the acronym DHCP server (Dynamic Host Configuration Protocol). On the other hand, the DNS server maintains a correspondence list between the address defined by the DHCP server 1o and the logical address of the user unit.

The management centre contains a table of correspondence TC
between the logical address AD of a decoder in the communication network and the unique identification number UA of the corresponding security module. This table of correspondence can also contain a key that is associated to each user unit.

As a rule, the physical communication address between a user unit and the management centre changes frequently, for instance during each activation of the user unit. Alternatively, it is possible for the security module to be associated to another decoder. In this way, a message zo arriving at a user unit is not correctly addressed since the security module (the address UA) is no longer the same and the message will not be received by the desired security module.

In the method of the invention, when a message must be sent to a specific user unit STB*, the management centre CG searches in the table of correspondence TC, to find the logical communication address AD* of the communication network corresponding to the unique identification number UA* of the specific user unit STB*. This is disclosed by step 20 in Figure 2. When the logical address is not a real address (IP, MAC), the management centre will collaborate with the intermediate routing devices between the management centre and the concerned user unit in order to determine in a conventional way the physical address to be used to send the message to the logical address corresponding to this user unit, during step 21. This step can, for example, be carried out by means of a server of the DNS type (Domain name system) that defines a hierarchy in the used names. On one hand, this hierarchy allows the uniqueness of the logical addresses to be assured and on the other hand allows the physical address corresponding to this logical address to be found. In the following step io 22, the management centre verifies if it has obtained a return message or receipt from the concerned user unit, in which the correct reception of the message is indicated. If it receives this receipt, the data of the table is maintained as it is with respect to the specific user unit. This is represented by the step 23 in Figure 2. On the contrary, in the case of the non-reception of a receipt, the table must be updated. The non-reception of a receipt can be signalled by a "delivery failure message"
indicating that the initial message has not been delivered or on the contrary by the absence of the reception of a receipt after a certain time period.

zo For the update of the table TC when the message has not been delivered, the management centre transmits a request to a group of user units or to all the user units managed by this management centre.
In the embodiment illustrated, the request is sent, during the step with the reference 24, to a first assembly of user units. This request contains at least one identifier of the specific user unit that is the object of the search as well as a command requesting the user unit to send back a message to the management centre. The identifier can be in particular the unique identification number UA*.

During step 25, the management centre verifies that it has received a 3o return message from the specific user unit STB*. If this is the case, it determines the logical address AD* in the communication network which has been used to send the return message.

Before storing the new logical address, an authentication process is generated in order to ensure that the new address really corresponds to that of the user unit that is the object of the search and not to another user unit having usurped an address. As previously indicated, a possible authentication process consists in sending to the user unit that is to be authenticated, a random number generated by the management centre. This number is then encrypted with a key contained in the user io unit. This encrypted random number is sent back to the management centre where it is decrypted by means of a key stored in the management centre and corresponding to the user unit that is the object of the search. The decrypted value is compared to the random initial number. If these are the same, the user unit is considered as authentic.

In general, every authentication process of a user unit can be used.
Among the possible procedures, it is possible to determine a signature of a unit by means of a one-way function such a hashing or other suitable mathematical operations.

The authenticated logical address is stored in the table of correspondence of the management centre, opposite the unique identification number UA* of the specific user unit. This corresponds to step 26 in Figure 2. Messages can then be sent to the specific user unit STB* using the specific logical address AD*, according to step 21 previously mentioned. The address tables contained in the concerned DNS servers are also updated.

During the previous step 25, if the management centre determines that it has not received a return message, it sends a request to another group of user units. This corresponds to a step with the reference 27.
The management centre then verifies, during step 28, if it has received a return message and updates the table of correspondence, during the following step 26 if a message has been received. If no message has been received, the management centre sends a message to all the user units under its management. This corresponds to step 29. It then verifies, during step 30 if it has received a return message and updates the table of correspondence if this is the case.

On the contrary, if no message is received in return, several solutions are possible, symbolized by the reference 31. One of these consists in restarting the updating process after having waited a certain time.
io Another consists of not sending any more messages to the user unit concerned and storing an indication in the table, according to which this user unit is unavailable. In this case, the subscriber in possession of this user unit can request the reactivation, for example by telephoning the management centre.

The method of the invention has been described according to a particular embodiment in which the request is first sent to a subset of user units, then, if the specific unit has not been found in this subset, it is sent to another subset of user units and finally to all the user units. It is clear that the number of subsets can be larger or smaller. It is also possible to send the request to all the user units from the first sending.
The subset can be formed on the basis of a communication "sub-network", each sub-network being associated to particular communication equipment such as a router, for example. The assembly of these sub-networks forms the communication network between the management centre and the group of user units.

It is also possible to optimize the search by selecting as parts of the first subset to which the request is sent, a certain number of user units among which the possibilities of finding the specific user unit that is the object of the search are greater. This can be determined, for example, from the last address stored by this user unit and using the hierarchy defined in a DNS server.

Claims (9)

1. Method for updating a table of correspondence between a logical address associated to a user unit in a communication network and a unique identification number associated to said user unit, said user unit belonging to a group of user units managed by a management centre (CG), wherein said user unit comprises means for processing data, associated to said logical address, and wherein said user unit further comprises a security module associated to said unique identification number, said method comprising exchange of messages between said management centre and at least one specific user unit (STB*) of said group by means of said communication network, these messages being forwarded to the specific user unit (STB*) using the logical address (AD) of said user unit in said network, characterized in that it comprises the following steps:
- search in said table of correspondence (TC) for the logical address (AD) of the user unit in said communication network using the unique identification number (UA*) corresponding to the specific user unit (STB*);
- sending messages to the specific user unit (STB*) having said unique identification number (UA*), using the logical address (AD) corresponding to said communication network;
- waiting for a receipt from said specific user unit (STB*) having the concerned unique identification number (UA*);
- in case a correct receipt is not received, sending a request from the management center to all or a part of the user units (STB) forming said group, said request containing at least an identifier associated with the unique identification number (UA*) of said specific user unit (STB*) and a command requiring the sending of a return message to the management center;
- detection of a return message of a user unit whose unique identification number (UA*) is associated with said identifier contained in the request;
- determination of the updated logical address (AD*) in said network, used by the specific user unit (STB*) having transmitted the return message;
- verification of the updated logical address (AD*) by establishing a communication between the management centre and the specific user unit (STB*) and authentication of the specific user unit by the management centre, - storage in the table of correspondence (TC) of the management centre of said updated logical address (AD*) of the user unit in said network, in connection with said unique identification number (UA*) of the specific user unit (STB*) having transmitted the return messages.
2. Method for updating a table of correspondence according to claim 1, characterized in that the authentication of a specific user unit includes the steps of:
- sending of a first message containing a value generated by the management centre;
- reception of said first message by the user unit;
- extraction of said value and transformation of this value by means of a key contained in said user unit;
- returning of a second message containing said value transformed at the management centre;
- reception of said second message by the management centre;
- comparison of said returned value with the value expected by the management centre.
3. Method for updating a table of correspondence according to claim 1, characterized in that the identifier associated with the unique identification number (UA*) of said specific user unit (STB*) is said unique identification number (UA*) of this specific user unit.
4. Method for updating a table of correspondence according to any of the claims 1 to 3, characterized in that said unique identification number (UA*) is stored in the security module.
5. Method for updating a table of correspondence according to claim 1, characterized in that the request is sent to a subset of user units, this subset being connected to a communication sub-network forming part of the communication network between the management centre and the group of user units.
6. Method for updating a table of correspondence according to claim 5, characterized in that the subset of user units is selected according to probability criteria in such a way that the probability that the specific user unit (STB*) that is the object of the search belongs to this subset is greater than the possibility that it belongs to another subset containing the same number of user units.
7. Method for updating a table of correspondence according to claim 1, characterized in that encrypted data is transmitted to user units in broadcast mode and the messages are transmitted in point-to-point mode, these messages containing the means to access said data.
8. Method for updating a table of correspondence according to any of the claims 1-7, characterized in that the logical address (AD) is made up of an alphanumeric code.
9. Method for updating a table of correspondence according to any of the claims 1-8, characterized in that the logical address (AD) is stored in the decoder (STB) of the user unit.
CA2582315A 2004-09-30 2005-09-28 Method for updating a table of correspondence between a logical address and an identification number Expired - Fee Related CA2582315C (en)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
EP04104784A EP1643710A1 (en) 2004-09-30 2004-09-30 Method of updating a lookup table of addresses and identification numbers
EP04104784.6 2004-09-30
PCT/EP2005/054896 WO2006035054A1 (en) 2004-09-30 2005-09-28 Method for updating a table of correspondence between a logical address and an identification number

Publications (2)

Publication Number Publication Date
CA2582315A1 CA2582315A1 (en) 2006-04-06
CA2582315C true CA2582315C (en) 2014-06-03

Family

ID=34929634

Family Applications (1)

Application Number Title Priority Date Filing Date
CA2582315A Expired - Fee Related CA2582315C (en) 2004-09-30 2005-09-28 Method for updating a table of correspondence between a logical address and an identification number

Country Status (10)

Country Link
US (3) US8812624B2 (en)
EP (2) EP1643710A1 (en)
KR (1) KR101130448B1 (en)
CN (1) CN101032147B (en)
AR (1) AR051044A1 (en)
CA (1) CA2582315C (en)
ES (1) ES2650982T3 (en)
IL (1) IL182033A0 (en)
TW (1) TWI408933B (en)
WO (1) WO2006035054A1 (en)

Families Citing this family (96)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6658091B1 (en) 2002-02-01 2003-12-02 @Security Broadband Corp. LIfestyle multimedia security system
US10382452B1 (en) 2007-06-12 2019-08-13 Icontrol Networks, Inc. Communication protocols in integrated systems
US10313303B2 (en) 2007-06-12 2019-06-04 Icontrol Networks, Inc. Forming a security network including integrated security system components and network devices
US9141276B2 (en) 2005-03-16 2015-09-22 Icontrol Networks, Inc. Integrated interface for mobile device
US10348575B2 (en) 2013-06-27 2019-07-09 Icontrol Networks, Inc. Control system user interface
US20090077623A1 (en) 2005-03-16 2009-03-19 Marc Baum Security Network Integrating Security System and Network Devices
US8988221B2 (en) 2005-03-16 2015-03-24 Icontrol Networks, Inc. Integrated security system with parallel processing architecture
US10444964B2 (en) 2007-06-12 2019-10-15 Icontrol Networks, Inc. Control system user interface
US11677577B2 (en) 2004-03-16 2023-06-13 Icontrol Networks, Inc. Premises system management using status signal
US10200504B2 (en) 2007-06-12 2019-02-05 Icontrol Networks, Inc. Communication protocols over internet protocol (IP) networks
US11916870B2 (en) 2004-03-16 2024-02-27 Icontrol Networks, Inc. Gateway registry methods and systems
US11811845B2 (en) 2004-03-16 2023-11-07 Icontrol Networks, Inc. Communication protocols over internet protocol (IP) networks
US11343380B2 (en) 2004-03-16 2022-05-24 Icontrol Networks, Inc. Premises system automation
US10522026B2 (en) 2008-08-11 2019-12-31 Icontrol Networks, Inc. Automation system user interface with three-dimensional display
US7711796B2 (en) 2006-06-12 2010-05-04 Icontrol Networks, Inc. Gateway registry methods and systems
US11201755B2 (en) 2004-03-16 2021-12-14 Icontrol Networks, Inc. Premises system management using status signal
US9531593B2 (en) 2007-06-12 2016-12-27 Icontrol Networks, Inc. Takeover processes in security network integrated with premise security system
US11316958B2 (en) 2008-08-11 2022-04-26 Icontrol Networks, Inc. Virtual device systems and methods
US11368429B2 (en) 2004-03-16 2022-06-21 Icontrol Networks, Inc. Premises management configuration and control
US10142392B2 (en) 2007-01-24 2018-11-27 Icontrol Networks, Inc. Methods and systems for improved system performance
US9191228B2 (en) 2005-03-16 2015-11-17 Icontrol Networks, Inc. Cross-client sensor user interface in an integrated security network
US10375253B2 (en) 2008-08-25 2019-08-06 Icontrol Networks, Inc. Security system with networked touchscreen and gateway
US10156959B2 (en) 2005-03-16 2018-12-18 Icontrol Networks, Inc. Cross-client sensor user interface in an integrated security network
GB2428821B (en) 2004-03-16 2008-06-04 Icontrol Networks Inc Premises management system
US11582065B2 (en) 2007-06-12 2023-02-14 Icontrol Networks, Inc. Systems and methods for device communication
US11113950B2 (en) 2005-03-16 2021-09-07 Icontrol Networks, Inc. Gateway integrated with premises security system
US11277465B2 (en) 2004-03-16 2022-03-15 Icontrol Networks, Inc. Generating risk profile using data of home monitoring and security system
US11244545B2 (en) 2004-03-16 2022-02-08 Icontrol Networks, Inc. Cross-client sensor user interface in an integrated security network
US11489812B2 (en) 2004-03-16 2022-11-01 Icontrol Networks, Inc. Forming a security network including integrated security system components and network devices
US10237237B2 (en) 2007-06-12 2019-03-19 Icontrol Networks, Inc. Communication protocols in integrated systems
US11159484B2 (en) 2004-03-16 2021-10-26 Icontrol Networks, Inc. Forming a security network including integrated security system components and network devices
US20170118037A1 (en) 2008-08-11 2017-04-27 Icontrol Networks, Inc. Integrated cloud system for premises automation
US9729342B2 (en) 2010-12-20 2017-08-08 Icontrol Networks, Inc. Defining and implementing sensor triggered response rules
US9609003B1 (en) 2007-06-12 2017-03-28 Icontrol Networks, Inc. Generating risk profile using data of home monitoring and security system
US8963713B2 (en) 2005-03-16 2015-02-24 Icontrol Networks, Inc. Integrated security network with security alarm signaling system
US10721087B2 (en) 2005-03-16 2020-07-21 Icontrol Networks, Inc. Method for networked touchscreen with integrated interfaces
US11190578B2 (en) 2008-08-11 2021-11-30 Icontrol Networks, Inc. Integrated cloud system with lightweight gateway for premises automation
US10339791B2 (en) 2007-06-12 2019-07-02 Icontrol Networks, Inc. Security network integrated with premise security system
US8635350B2 (en) 2006-06-12 2014-01-21 Icontrol Networks, Inc. IP device discovery systems and methods
US12063220B2 (en) 2004-03-16 2024-08-13 Icontrol Networks, Inc. Communication protocols in integrated systems
EP1643710A1 (en) * 2004-09-30 2006-04-05 Nagravision S.A. Method of updating a lookup table of addresses and identification numbers
US11615697B2 (en) 2005-03-16 2023-03-28 Icontrol Networks, Inc. Premise management systems and methods
US20110128378A1 (en) 2005-03-16 2011-06-02 Reza Raji Modular Electronic Display Platform
US9306809B2 (en) 2007-06-12 2016-04-05 Icontrol Networks, Inc. Security system with networked touchscreen
US10999254B2 (en) 2005-03-16 2021-05-04 Icontrol Networks, Inc. System for data routing in networks
US9450776B2 (en) 2005-03-16 2016-09-20 Icontrol Networks, Inc. Forming a security network including integrated security system components
US11700142B2 (en) 2005-03-16 2023-07-11 Icontrol Networks, Inc. Security network integrating security system and network devices
US11496568B2 (en) 2005-03-16 2022-11-08 Icontrol Networks, Inc. Security system with networked touchscreen
US20120324566A1 (en) 2005-03-16 2012-12-20 Marc Baum Takeover Processes In Security Network Integrated With Premise Security System
US20170180198A1 (en) 2008-08-11 2017-06-22 Marc Baum Forming a security network including integrated security system components
US12063221B2 (en) 2006-06-12 2024-08-13 Icontrol Networks, Inc. Activation of gateway device
US10079839B1 (en) 2007-06-12 2018-09-18 Icontrol Networks, Inc. Activation of gateway device
US11706279B2 (en) 2007-01-24 2023-07-18 Icontrol Networks, Inc. Methods and systems for data communication
US7633385B2 (en) 2007-02-28 2009-12-15 Ucontrol, Inc. Method and system for communicating with and controlling an alarm system from a remote server
US8451986B2 (en) 2007-04-23 2013-05-28 Icontrol Networks, Inc. Method and system for automatically providing alternate network access for telecommunications
US11237714B2 (en) 2007-06-12 2022-02-01 Control Networks, Inc. Control system user interface
US11646907B2 (en) 2007-06-12 2023-05-09 Icontrol Networks, Inc. Communication protocols in integrated systems
US10523689B2 (en) 2007-06-12 2019-12-31 Icontrol Networks, Inc. Communication protocols over internet protocol (IP) networks
US11601810B2 (en) 2007-06-12 2023-03-07 Icontrol Networks, Inc. Communication protocols in integrated systems
US10498830B2 (en) 2007-06-12 2019-12-03 Icontrol Networks, Inc. Wi-Fi-to-serial encapsulation in systems
US10616075B2 (en) 2007-06-12 2020-04-07 Icontrol Networks, Inc. Communication protocols in integrated systems
US11423756B2 (en) 2007-06-12 2022-08-23 Icontrol Networks, Inc. Communication protocols in integrated systems
US12003387B2 (en) 2012-06-27 2024-06-04 Comcast Cable Communications, Llc Control system user interface
US10666523B2 (en) 2007-06-12 2020-05-26 Icontrol Networks, Inc. Communication protocols in integrated systems
US11089122B2 (en) 2007-06-12 2021-08-10 Icontrol Networks, Inc. Controlling data routing among networks
US11212192B2 (en) 2007-06-12 2021-12-28 Icontrol Networks, Inc. Communication protocols in integrated systems
US11316753B2 (en) 2007-06-12 2022-04-26 Icontrol Networks, Inc. Communication protocols in integrated systems
US11218878B2 (en) 2007-06-12 2022-01-04 Icontrol Networks, Inc. Communication protocols in integrated systems
US10423309B2 (en) 2007-06-12 2019-09-24 Icontrol Networks, Inc. Device integration framework
US10051078B2 (en) 2007-06-12 2018-08-14 Icontrol Networks, Inc. WiFi-to-serial encapsulation in systems
US10389736B2 (en) 2007-06-12 2019-08-20 Icontrol Networks, Inc. Communication protocols in integrated systems
US10223903B2 (en) 2010-09-28 2019-03-05 Icontrol Networks, Inc. Integrated security system with parallel processing architecture
US11831462B2 (en) 2007-08-24 2023-11-28 Icontrol Networks, Inc. Controlling data routing in premises management systems
US11916928B2 (en) 2008-01-24 2024-02-27 Icontrol Networks, Inc. Communication protocols over internet protocol (IP) networks
US20170185278A1 (en) 2008-08-11 2017-06-29 Icontrol Networks, Inc. Automation system user interface
US11792036B2 (en) 2008-08-11 2023-10-17 Icontrol Networks, Inc. Mobile premises automation platform
US11729255B2 (en) 2008-08-11 2023-08-15 Icontrol Networks, Inc. Integrated cloud system with lightweight gateway for premises automation
US11758026B2 (en) 2008-08-11 2023-09-12 Icontrol Networks, Inc. Virtual device systems and methods
US11258625B2 (en) 2008-08-11 2022-02-22 Icontrol Networks, Inc. Mobile premises automation platform
US9628440B2 (en) 2008-11-12 2017-04-18 Icontrol Networks, Inc. Takeover processes in security network integrated with premise security system
US8638211B2 (en) 2009-04-30 2014-01-28 Icontrol Networks, Inc. Configurable controller and interface for home SMA, phone and multimedia
CN102118454B (en) * 2009-12-30 2015-04-01 中兴通讯股份有限公司 Base station logical address allocation method and device
CN102985915B (en) 2010-05-10 2016-05-11 网际网路控制架构网络有限公司 Control system user interface
US8836467B1 (en) 2010-09-28 2014-09-16 Icontrol Networks, Inc. Method, system and apparatus for automated reporting of account and sensor zone information to a central station
US11750414B2 (en) 2010-12-16 2023-09-05 Icontrol Networks, Inc. Bidirectional security sensor communication for a premises security system
US9147337B2 (en) 2010-12-17 2015-09-29 Icontrol Networks, Inc. Method and system for logging security event data
US9928975B1 (en) 2013-03-14 2018-03-27 Icontrol Networks, Inc. Three-way switch
US9287727B1 (en) 2013-03-15 2016-03-15 Icontrol Networks, Inc. Temporal voltage adaptive lithium battery charger
US9867143B1 (en) 2013-03-15 2018-01-09 Icontrol Networks, Inc. Adaptive Power Modulation
EP3031206B1 (en) 2013-08-09 2020-01-22 ICN Acquisition, LLC System, method and apparatus for remote monitoring
US11405463B2 (en) 2014-03-03 2022-08-02 Icontrol Networks, Inc. Media content management
US11146637B2 (en) 2014-03-03 2021-10-12 Icontrol Networks, Inc. Media content management
US10506409B2 (en) * 2014-09-15 2019-12-10 Cartasense Ltd Systems and methods for brush fire communication
US20180150256A1 (en) * 2016-11-29 2018-05-31 Intel Corporation Technologies for data deduplication in disaggregated architectures
CN110704334B (en) * 2019-09-25 2021-10-15 苏州浪潮智能科技有限公司 Method, system and equipment for important product data management
US11197152B2 (en) * 2019-12-12 2021-12-07 Hewlett Packard Enterprise Development Lp Utilization of component group tables in a computing network

Family Cites Families (21)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5278829A (en) * 1991-01-10 1994-01-11 Digital Equipment Corporation Reduced broadcast algorithm for address resolution protocol
US5668952A (en) * 1994-08-08 1997-09-16 International Business Machines Corporation Method for resolving network address by sending reresolve request to nodes at selected time period after establishing address table, and updating the table with received reply thereto
AUPO799197A0 (en) * 1997-07-15 1997-08-07 Silverbrook Research Pty Ltd Image processing method and apparatus (ART01)
KR100248655B1 (en) * 1997-08-26 2000-03-15 전주범 Control memory relay device
US6496862B1 (en) * 1998-08-25 2002-12-17 Mitsubishi Electric Research Laboratories, Inc. Remote monitoring and control of devices connected to an IEEE 1394 bus via a gateway device
EP1022884A1 (en) * 1999-01-25 2000-07-26 CANAL+ Société Anonyme Address assignment in a digital transmission system
FR2790177B1 (en) 1999-02-22 2001-05-18 Gemplus Card Int AUTHENTICATION IN A RADIOTELEPHONY NETWORK
US6393484B1 (en) * 1999-04-12 2002-05-21 International Business Machines Corp. System and method for controlled access to shared-medium public and semi-public internet protocol (IP) networks
US20020016855A1 (en) * 2000-03-20 2002-02-07 Garrett John W. Managed access point for service selection in a shared access network
US6982953B1 (en) * 2000-07-11 2006-01-03 Scorpion Controls, Inc. Automatic determination of correct IP address for network-connected devices
JP3800038B2 (en) * 2001-06-08 2006-07-19 ティアック株式会社 Network device, server device, client device, network IP address assigning method and program
US7383561B2 (en) * 2001-06-29 2008-06-03 Nokia Corporation Conditional access system
FR2833373B1 (en) * 2001-12-07 2004-03-05 Infovista Sa INDIRECT ADDRESSING METHOD AND SYSTEM FOR LOCATING A TARGET COMPONENT OF A COMMUNICATION NETWORK
US7124197B2 (en) * 2002-09-11 2006-10-17 Mirage Networks, Inc. Security apparatus and method for local area networks
US7234163B1 (en) * 2002-09-16 2007-06-19 Cisco Technology, Inc. Method and apparatus for preventing spoofing of network addresses
US7724907B2 (en) * 2002-11-05 2010-05-25 Sony Corporation Mechanism for protecting the transfer of digital content
EP1491858A1 (en) 2003-06-27 2004-12-29 Harman Becker Automotive Systems GmbH Navigation method and system
US7250987B2 (en) * 2004-02-06 2007-07-31 Broadcom Corporation Method and system for an integrated VSB/QAM/NTSC/OOB plug-and-play DTV receiver
US8990254B2 (en) * 2004-07-02 2015-03-24 Ellie Mae, Inc. Loan origination software system for processing mortgage loans over a distributed network
US20060031873A1 (en) * 2004-08-09 2006-02-09 Comcast Cable Holdings, Llc System and method for reduced hierarchy key management
EP1643710A1 (en) * 2004-09-30 2006-04-05 Nagravision S.A. Method of updating a lookup table of addresses and identification numbers

Also Published As

Publication number Publication date
AR051044A1 (en) 2006-12-13
KR20070056131A (en) 2007-05-31
US20150312238A1 (en) 2015-10-29
US20090049488A1 (en) 2009-02-19
TW200623775A (en) 2006-07-01
CA2582315A1 (en) 2006-04-06
KR101130448B1 (en) 2012-03-27
EP1797695A1 (en) 2007-06-20
CN101032147B (en) 2011-01-19
ES2650982T3 (en) 2018-01-23
US20140325211A1 (en) 2014-10-30
CN101032147A (en) 2007-09-05
US8812624B2 (en) 2014-08-19
EP1797695B1 (en) 2017-09-13
WO2006035054A1 (en) 2006-04-06
US9077706B2 (en) 2015-07-07
IL182033A0 (en) 2007-07-24
US9769138B2 (en) 2017-09-19
TWI408933B (en) 2013-09-11
EP1643710A1 (en) 2006-04-05

Similar Documents

Publication Publication Date Title
CA2582315C (en) Method for updating a table of correspondence between a logical address and an identification number
US6792474B1 (en) Apparatus and methods for allocating addresses in a network
EP0943200B1 (en) Secure dhcp server
US10708780B2 (en) Registration of an internet of things (IoT) device using a physically uncloneable function
CN1539106B (en) Modular authentication and authorization scheme for internet protocol
US8400970B2 (en) System and method for securing a personalized indicium assigned to a mobile communications device
Wimer Clarifications and extensions for the bootstrap protocol
US5822434A (en) Scheme to allow two computers on a network to upgrade from a non-secured to a secured session
CN101179566B (en) Method and apparatus for preventing ARP packet attack
US7769175B2 (en) System and method for initiation of a security update
US20040090930A1 (en) Authentication method and system for public wireless local area network system
US20100268947A1 (en) Systems and methods for registering a client device in a data communication system
CN101416176A (en) Dynamic host configuration and network access authentication
US7269165B2 (en) Server, communication device, communication system and internet protocol address notification method
US20080279116A1 (en) Method For Obtaining Configuration Data For a Terminal By Using the Dhcp Protocol
US9143482B1 (en) Tokenized authentication across wireless communication networks
JP2009118267A (en) Communication network system, communication network control method, communication control apparatus, communication control program, service control device and service control program
KR100478535B1 (en) System and method for preventing non-certified users from connecting to the internet and network, by using DHCP
JP2004078280A (en) Remote access mediation system and method
JP2003318939A (en) Communication system and control method thereof
KR101584986B1 (en) A method for network access authentication
JP2008244765A (en) Dynamic host configuration protocol server, and ip address assignment method
EP2750348A1 (en) A login recovery system
KR100358927B1 (en) Name server and naming data authentication method in secure domain name system

Legal Events

Date Code Title Description
EEER Examination request
MKLA Lapsed

Effective date: 20190930